Secured multi-payload antennas operators operations

ABSTRACT

A disclosed method for secured multi-payload antennas operators operations comprises generating, by an antenna operations center (AOC), AOC commands using an antenna location pointing request for each of at least one antenna associated with each of at least one customer. The method further comprises transmitting, by a satellite operation center (SOC), the AOC commands and SOC commands to a vehicle via a ground antenna, where the SOC commands are related to at least one antenna associated with a host. Also, the method comprises generating customer antenna gimballing commands by using the AOC commands, and generating host antenna gimballing commands by using the SOC commands. Further, the method comprises gimballing respectively each of the antenna(s) associated with each of the customer(s) by using the customer antenna gimballing commands, and gimballing respectively each of the antenna(s) associated with the host by using the host antenna gimballing commands.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a Continuation application of, and claims priorityto and the benefit of, U.S. patent application Ser. No. 16/189,863,filed on Nov. 13, 2018, which is a Continuation application of, andclaims priority to and the benefit of, U.S. patent application Ser. No.15/451,183, filed on Mar. 6, 2017, which issued as U.S. Pat. No.10,165,438 on Dec. 25, 2018, the entire disclosures of which areexpressly incorporated by reference herein.

FIELD

The present disclosure relates to antennas operators operations. Inparticular, it relates to secured multi-payload antennas operatorsoperations.

BACKGROUND

Currently, typical antennas (e.g., reflector antennas) on a vehicle(e.g., a satellite) have the ability to be steered (i.e. gimbaled) tochange their pointing location (e.g., to change their antenna beamboresight). All of this antenna steering is commanded and controlled bya single satellite controller (e.g., a host) with no resource allocationprivacy for customers utilizing antennas on the vehicle.

As such, there is a need for an improved antennas operators operationsdesign that allows for privacy in the allocation of antenna resources.

SUMMARY

The present disclosure relates to a method, system, and apparatus forsecured multi-payload antennas operators operations. In one or moreembodiments, a method for secured multi-payload antennas operatorsoperations comprises transmitting, by at least one customer, an antennalocation pointing request for each of at least one antenna associatedwith each of at least one customer to an antenna operations center(AOC). The method further comprises generating, by the AOC, unencryptedAOC commands using the antenna location pointing request for each of atleast one antenna. Also, the method comprises transmitting, by the AOC,the unencrypted AOC commands to a satellite operation center (SOC). Inaddition, the method comprises encrypting, by the SOC, the unencryptedAOC commands utilizing a communication security (COMSEC) variety togenerate encrypted AOC commands. Additionally, the method comprisesencrypting, by the SOC, unencrypted SOC commands utilizing the COMSECvariety to generate encrypted SOC commands. In one or more embodiments,the unencrypted SOC commands are related to at least one antennaassociated with a host. Also, the method comprises transmitting, by theSOC, the encrypted AOC commands and the encrypted SOC commands to aground antenna. In addition, the method comprises transmitting, by theground antenna, the encrypted AOC commands and the encrypted SOCcommands to a vehicle. Additionally, the method comprises decrypting, bya communication security module on the vehicle, the encrypted AOCcommands utilizing the COMSEC variety to generate the unencrypted AOCcommands. Also, the method comprises decrypting, by the communicationsecurity module on the vehicle, the encrypted SOC commands utilizing theCOMSEC variety to generate the unencrypted SOC commands. In addition,the method comprises generating, by at least one processor, customerantenna gimballing commands for each respective at least one antennaassociated with each of at least one customer by using the unencryptedAOC commands. Also, the method comprises generating, by at least oneprocessor, host antenna gimballing commands for each respective at leastone antenna associated with the host by using the unencrypted SOCcommands. In addition, the method comprises gimballing respectively eachof at least one antenna associated with each of at least one customer byusing the customer antenna gimballing commands. Also, the methodcomprises gimballing respectively each of at least one antennaassociated with the host by using the host antenna gimballing commands.In addition, the method comprises generating, by at least one processor,unencrypted telemetry by using antenna gimballing telemetry. Also, themethod comprises encrypting, by the communication security module, theunencrypted telemetry using the COMSEC variety to generate encryptedtelemetry. In addition, the method comprises transmitting, by thevehicle, the encrypted telemetry to the ground antenna. Additionally,the method comprises transmitting, by the ground antenna, the encryptedtelemetry to the SOC. In addition, the method comprises decrypting, bythe SOC, the encrypted telemetry utilizing the COMSEC variety togenerate the unencrypted telemetry. Additionally, the method comprisestransmitting, by the SOC, the unencrypted telemetry to the AOC. Also,the method comprises generating, by the AOC, an antenna pointinglocation for each of at least one antenna associated with each of atleast one customer by using the unencrypted telemetry. Further, themethod comprises transmitting, by the AOC, the antenna pointing locationfor each of at least one antenna associated with each of at least onecustomer respectively to each of at least one customer.

In one or more embodiments, at least one antenna associated with each ofat least one customer comprises at least one antenna reflector. In someembodiments, at least one antenna associated with the host comprises atleast one antenna reflector.

In at least one embodiment, the vehicle is a satellite, an aircraft, anunmanned aerial vehicle (UAV), or a space plane.

In one or more embodiments, the COMSEC variety comprises at least oneencryption key and/or at least one algorithm.

In at least one embodiment, a method for secured multi-payload antennasoperators operations comprises transmitting, by at least one customer,an antenna location pointing request for each of at least one antennaassociated with each of at least one customer to a client. Also, themethod comprises generating, by the client, unencrypted customercommands using the antenna location pointing request for each of atleast one antenna. In addition, the method comprises transmitting, bythe client, the unencrypted customer commands to a satellite operationcenter (SOC) primary server. Additionally, the method comprisesencrypting, by the SOC primary server, the unencrypted customer commandsutilizing a communication security (COMSEC) variety to generateencrypted customer commands. Also, the method comprises encrypting, bythe SOC primary server, unencrypted SOC commands utilizing the COMSECvariety to generate encrypted SOC commands. In one or more embodiments,the unencrypted SOC commands are related to at least one antennaassociated with a host. Also, the method comprises transmitting, by theSOC primary server, the encrypted customer commands and the encryptedSOC commands to a ground antenna. Additionally, the method comprisestransmitting, by the ground antenna, the encrypted customer commands andthe encrypted SOC commands to a vehicle. In addition, the methodcomprises decrypting, by a communication security module on the vehicle,the encrypted customer commands utilizing the COMSEC variety to generatethe unencrypted customer commands. Also, the method comprisesdecrypting, by the communication security module on the vehicle, theencrypted SOC commands utilizing the COMSEC variety to generate theunencrypted SOC commands. Also, the method comprises generating, by atleast one processor, customer antenna gimballing commands for eachrespective at least one antenna associated with each of at least onecustomer by using the unencrypted customer commands. In addition, themethod comprises generating, by at least one processor, host antennagimballing commands for each respective at least one antenna associatedwith the host by using the unencrypted SOC commands. Also, the methodcomprises gimballing respectively each of at least one antennaassociated with each of at least one customer by using the customerantenna gimballing commands. In addition, the method comprisesgimballing respectively each of at least one antenna associated with thehost by using the host antenna gimballing commands. Additionally, themethod comprises generating, by at least one processor, unencryptedtelemetry by using antenna gimballing telemetry. Also, the methodcomprises encrypting, by the communication security module, theunencrypted telemetry using the COMSEC variety to generate encryptedtelemetry. In addition, the method comprises transmitting, by thevehicle, the encrypted telemetry to the ground antenna. Also, the methodcomprises transmitting, by the ground antenna, the encrypted telemetryto the SOC primary server. In addition, the method comprises decrypting,by the SOC primary server, the encrypted telemetry utilizing the COMSECvariety to generate the unencrypted telemetry. Also, the methodcomprises transmitting, by the SOC primary server, the unencryptedtelemetry to the client. In addition, the method comprises generating,by the client, an antenna pointing location for each of at least oneantenna associated with each of at least one customer by using theunencrypted telemetry. Further, the method comprises transmitting, bythe client, the antenna pointing location for each of at least oneantenna associated with each of at least one customer respectively toeach of at least one customer.

In one or more embodiments, a method for secured multi-payload antennasoperators operations comprises transmitting, by at least one customer,an antenna location pointing request for each of at least one antennaassociated with each of at least one customer to an antenna operationscenter (AOC). Also, the method comprises generating, by the AOC,unencrypted AOC commands using the antenna location pointing request foreach of at least one antenna. In addition, the method comprisesencrypting, by the AOC, the unencrypted AOC commands utilizing a secondcommunication security (COMSEC) variety to generate encrypted AOCcommands. Additionally, the method comprises encrypting, by a satelliteoperation center (SOC), unencrypted SOC commands utilizing a firstCOMSEC variety to generate encrypted SOC commands. In one or moreembodiments, the unencrypted SOC commands are related to at least oneantenna associated with a host. Also, the method comprises transmitting,by the SOC, the encrypted SOC commands to the AOC. In addition, themethod comprises transmitting, by the AOC, the encrypted AOC commandsand the encrypted SOC commands to a ground antenna. Additionally, themethod comprises transmitting, by the ground antenna, the encrypted AOCcommands and the encrypted SOC commands to a vehicle. Also, the methodcomprises decrypting, by a first communication security module on thevehicle, the encrypted SOC commands utilizing the first COMSEC varietyto generate the unencrypted SOC commands. In addition, the methodcomprises decrypting, by a second communication security module on thevehicle, the encrypted AOC commands utilizing the second COMSEC varietyto generate the unencrypted AOC commands. Additionally, the methodcomprises generating, by at least one processor, customer antennagimballing commands for each respective at least one antenna associatedwith each of at least one customer by using the unencrypted AOCcommands. In addition, the method comprises generating, by at least oneprocessor, host antenna gimballing commands for each respective at leastone antenna associated with the host by using the unencrypted SOCcommands. Also, the method comprises gimballing respectively each of atleast one antenna associated with each of at least one customer by usingthe customer antenna gimballing commands. In addition, the methodcomprises gimballing respectively each of at least one antennaassociated with the host by using the host antenna gimballing commands.Also, the method comprises generating, by at least one processor,unencrypted telemetry by using the antenna gimballing telemetry. Inaddition, the method comprises encrypting, by the second communicationsecurity module, the unencrypted telemetry using the second COMSECvariety to generate encrypted telemetry. Additionally, the methodcomprises transmitting, by the vehicle, the encrypted telemetry to theground antenna. Also, the method comprises transmitting, by the groundantenna, the encrypted telemetry to the AOC. In addition, the methodcomprises decrypting, by the AOC, the encrypted telemetry using thesecond COMSEC variety to generate the unencrypted telemetry. Also, themethod comprises generating, by the AOC, an antenna pointing locationfor each of at least one antenna associated with each of at least onecustomer by using the unencrypted telemetry. In addition, the methodcomprises transmitting, by the AOC, the antenna pointing location foreach of at least one antenna associated with each of at least onecustomer respectively to each of at least one customer. In addition, themethod comprises generating, by the AOC, SOC telemetry by using theunencrypted telemetry. Further, the method comprises transmitting, bythe AOC, the SOC telemetry to the SOC.

In at least one embodiment, the first COMSEC variety comprises at leastone encryption key and/or at least one algorithm. In some embodiments,the second COMSEC variety comprises at least one encryption key and/orat least one algorithm.

In one or more embodiments, a method for secured multi-payload antennasoperators operations comprises transmitting, by at least one customer,an antenna location pointing request for each of at least one antennaassociated with each of at least one customer to a satellite operationcenter (SOC). The method further comprises generating, by the SOC,unencrypted customer commands using the antenna location pointingrequest for each of at least one antenna. Also, the method comprisesencrypting, by the SOC, the unencrypted customer commands utilizing acommunication security (COMSEC) variety to generate encrypted customercommands. In addition, the method comprises encrypting, by the SOC,unencrypted SOC commands utilizing the COMSEC variety to generateencrypted SOC commands. In one or more embodiments, the unencrypted SOCcommands are related to at least one antenna associated with a host.Also, the method comprises transmitting, by the SOC, the encryptedcustomer commands and the encrypted SOC commands to a ground antenna. Inaddition, the method comprises transmitting, by the ground antenna, theencrypted customer commands and the encrypted SOC commands to a vehicle.Additionally, the method comprises decrypting, by a communicationsecurity module on the vehicle, the encrypted customer commandsutilizing the COMSEC variety to generate the unencrypted customercommands. Also, the method comprises decrypting, by the communicationsecurity module on the vehicle, the encrypted SOC commands utilizing theCOMSEC variety to generate the unencrypted SOC commands. In addition,the method comprises generating, by at least one processor, customerantenna gimballing commands for each respective at least one antennaassociated with each of at least one customer by using the unencryptedcustomer commands. Also, the method comprises generating, by at leastone processor, host antenna gimballing commands for each respective atleast one antenna associated with the host by using the unencrypted SOCcommands. Also, the method comprises gimballing respectively each of atleast one antenna associated with each of at least one customer by usingthe customer antenna gimballing commands. In addition, the methodcomprises gimballing respectively each of at least one antennaassociated with the host by using the host antenna gimballing commands.Also, the method comprises generating, by at least one processor,unencrypted telemetry by using the antenna gimballing telemetry. Inaddition, the method comprises encrypting, by the communication securitymodule, the unencrypted telemetry using the COMSEC variety to generateencrypted telemetry. Also, the method comprises transmitting, by thevehicle, the encrypted telemetry to the ground antenna. Additionally,the method comprises transmitting, by the ground antenna, the encryptedtelemetry to the SOC. Also, the method comprises decrypting, by the SOC,the encrypted telemetry by using the COMSEC variety to generate theunencrypted telemetry. Also, the method comprises generating, by theSOC, an antenna pointing location for each of at least one antennaassociated with each of at least one customer by using the unencryptedtelemetry. Further, the method comprises transmitting, by the SOC, theantenna pointing location for each of at least one antenna associatedwith each of at least one customer respectively to each of at least onecustomer.

In one or more embodiments, a system for secured multi-payload antennasoperators operations comprises an antenna operations center (AOC) togenerate unencrypted AOC commands using an antenna location pointingrequest for each of at least one antenna associated with each of atleast one customer, and to transmit the unencrypted AOC commands to asatellite operation center (SOC). The system further comprises the SOCto encrypt the unencrypted AOC commands utilizing a communicationsecurity (COMSEC) variety to generate encrypted AOC commands; to encryptunencrypted SOC commands utilizing the COMSEC variety to generateencrypted SOC commands, where the unencrypted SOC commands are relatedto at least one antenna associated with a host; and to transmit theencrypted AOC commands and the encrypted SOC commands to a groundantenna. Also, the system comprises the ground antenna to transmit theencrypted AOC commands and the encrypted SOC commands to a vehicle. Inaddition, the system comprises a communication security module on thevehicle to decrypt the encrypted AOC commands utilizing the COMSECvariety to generate the unencrypted AOC commands, and to decrypt theencrypted SOC commands utilizing the COMSEC variety to generate theunencrypted SOC commands. Additionally, the system comprises at leastone processor to generate customer antenna gimballing commands for eachrespective at least one antenna associated with each of at least onecustomer by using the unencrypted AOC commands, and to generate hostantenna gimballing commands for each respective at least one antennaassociated with the host by using the unencrypted SOC commands. Also,the system comprises each of at least one antenna associated with eachof at least one customer gimballed by using the customer antennagimballing commands. In addition, the system comprises each of at leastone antenna associated with the host gimballed by using the host antennagimballing commands. Also, the system comprises at least one processorto generate unencrypted telemetry by using antenna gimballing telemetry.In addition, the system comprises the communication security module toencrypt the unencrypted telemetry using the COMSEC variety to generateencrypted telemetry. Also, the system comprises the vehicle to transmitthe encrypted telemetry to the ground antenna. In addition, the systemcomprises the ground antenna to transmit the encrypted telemetry to theSOC. Additionally, the system comprises the SOC to decrypt the encryptedtelemetry utilizing the COMSEC variety to generate the unencryptedtelemetry, and to transmit the unencrypted telemetry to the AOC.Further, the system comprises the AOC to generate an antenna pointinglocation for each of at least one antenna associated with each of atleast one customer by using the unencrypted telemetry, and to transmitthe antenna pointing location for each of at least one antennaassociated with each of at least one customer respectively to each of atleast one customer.

In at least one embodiment, a system for secured multi-payload antennasoperators operations comprises a client to generate unencrypted customercommands using an antenna location pointing request for each of at leastone antenna associated with each of at least one customer, and totransmit the unencrypted customer commands to a satellite operationcenter (SOC) primary server. The system further comprises the SOCprimary server to encrypt the unencrypted customer commands utilizing acommunication security (COMSEC) variety to generate encrypted customercommands; to encrypt unencrypted SOC commands utilizing the COMSECvariety to generate encrypted SOC commands, where the unencrypted SOCcommands are related to at least one antenna associated with a host; andto transmit the encrypted customer commands and the encrypted SOCcommands to a ground antenna. Also, the system comprises the groundantenna to transmit the encrypted customer commands and the encryptedSOC commands to a vehicle. In addition, the system comprises acommunication security module on the vehicle to decrypt the encryptedcustomer commands utilizing the COMSEC variety to generate theunencrypted customer commands, and to decrypt the encrypted SOC commandsutilizing the COMSEC variety to generate the unencrypted SOC commands.Also, the system comprises at least one processor to generate customerantenna gimballing commands for each respective at least one antennaassociated with each of at least one customer by using the unencryptedcustomer commands, to generate host antenna gimballing commands for eachrespective at least one antenna associated with the host by using theunencrypted SOC commands. In addition, the system comprises each of atleast one antenna associated with each of at least one customer gimbaledby using the customer antenna gimballing commands. Also, the systemcomprises each of at least one antenna associated with the host gimbaledby using the host antenna gimballing commands. In addition, the systemcomprises at least one processor to generate unencrypted telemetry byusing antenna gimballing telemetry. Additionally, the system comprisesthe communication security module to encrypt the unencrypted telemetryusing the COMSEC variety to generate encrypted telemetry. Also, thesystem comprises the vehicle to transmit the encrypted telemetry to theground antenna. In addition, the system comprises the ground antenna totransmit the encrypted telemetry to the SOC primary server.Additionally, the system comprises the SOC primary server to decrypt theencrypted telemetry utilizing the COMSEC variety to generate theunencrypted telemetry, and to transmit the unencrypted telemetry to theclient. Further, the system comprises the client to generate an antennapointing location for each of at least one antenna associated with eachof at least one customer by using the unencrypted telemetry, and totransmit the antenna pointing location for each of at least one antennaassociated with each of at least one customer respectively to each of atleast one customer.

In one or more embodiments, a system for secured multi-payload antennasoperators operations comprises an antenna operations center (AOC) togenerate unencrypted AOC commands using an antenna location pointingrequest for each of at least one antenna associated with each of atleast one customer, and to encrypt the unencrypted AOC commandsutilizing a second communication security (COMSEC) variety to generateencrypted AOC commands. The system further comprises a satelliteoperation center (SOC) to encrypt unencrypted SOC commands utilizing afirst COMSEC variety to generate encrypted SOC commands, where theunencrypted SOC commands are related to at least one antenna associatedwith a host, and to transmit the encrypted SOC commands to the AOC.Also, the system comprises the AOC to transmit the encrypted AOCcommands and the encrypted SOC commands to a ground antenna. Inaddition, the system comprises the ground antenna to transmit theencrypted AOC commands and the encrypted SOC commands to a vehicle.Additionally, the system comprises a first communication security moduleon the vehicle to decrypt the encrypted SOC commands utilizing the firstCOMSEC variety to generate the unencrypted SOC commands. Also, thesystem comprises a second communication security module on the vehicleto decrypt the encrypted AOC commands utilizing the second COMSECvariety to generate the unencrypted AOC commands. In addition, thesystem comprises at least one processor to generate customer antennagimballing commands for each respective at least one antenna associatedwith each of at least one customer by using the unencrypted AOCcommands, and to generate host antenna gimballing commands for eachrespective at least one antenna associated with the host by using theunencrypted SOC commands. Additionally, the system comprises each of atleast one antenna associated with each of at least one customer gimbaledby using the customer antenna gimballing commands. Also, the systemcomprises each of at least one antenna associated with the host gimbaledby using the host antenna gimballing commands. In addition, the systemcomprises at least one processor to generate unencrypted telemetry byusing the antenna gimballing telemetry. Additionally, the systemcomprises the second communication security module to encrypt theunencrypted telemetry using the second COMSEC variety to generateencrypted telemetry. Also, the system comprises the vehicle to transmitthe encrypted telemetry to the ground antenna. In addition, the systemcomprises the ground antenna to transmit the encrypted telemetry to theAOC. Further, the system comprises the AOC to decrypt the encryptedtelemetry using the second COMSEC variety to generate the unencryptedtelemetry, to generate an antenna pointing location for each of at leastone antenna associated with each of at least one customer by using theunencrypted telemetry, to transmit the antenna pointing location foreach of at least one antenna associated with each of at least onecustomer respectively to each of at least one customer, to generate SOCtelemetry by using the unencrypted telemetry, and to transmit the SOCtelemetry to the SOC.

In at least one embodiment, a system for secured multi-payload antennasoperators operations comprises transmitting, by at least one customer,an antenna location pointing request for each of at least one antennaassociated with each of at least one customer to a satellite operationcenter (SOC). The system further comprises the SOC to generateunencrypted customer commands using an antenna location pointing requestfor each of at least one antenna associated with each of at least onecustomer; to encrypt the unencrypted customer commands utilizing acommunication security (COMSEC) variety to generate encrypted customercommands; to encrypt unencrypted SOC commands utilizing the COMSECvariety to generate encrypted SOC commands, where the unencrypted SOCcommands are related to at least one antenna associated with a host; andto transmit the encrypted customer commands and the encrypted SOCcommands to a ground antenna. In addition, the system comprises theground antenna to transmit the encrypted customer commands and theencrypted SOC commands to a vehicle. Also, the system comprises acommunication security module on the vehicle to decrypt the encryptedcustomer commands utilizing the COMSEC variety to generate theunencrypted customer commands, and to decrypt the encrypted SOC commandsutilizing the COMSEC variety to generate the unencrypted SOC commands.In addition, the system comprises at least one processor to generatecustomer antenna gimballing commands for each respective at least oneantenna associated with each of at least one customer by using theunencrypted customer commands, and to generate host antenna gimballingcommands for each respective at least one antenna associated with thehost by using the unencrypted SOC commands. Also, the system compriseseach of at least one antenna associated with each of at least onecustomer gimbaled by using the customer antenna gimballing commands. Inaddition, the system comprises each of at least one antenna associatedwith the host gimbaled by using the host antenna gimballing commands.Additionally, the system comprises at least one processor to generateunencrypted telemetry by using the antenna gimballing telemetry. Also,the system comprises the communication security module to encrypt theunencrypted telemetry using the COMSEC variety to generate encryptedtelemetry. In addition, the system comprises the vehicle to transmit theencrypted telemetry to the ground antenna. Additionally, the systemcomprises the ground antenna to transmit the encrypted telemetry to theSOC. Further, the system comprises the SOC to decrypt the encryptedtelemetry by using the COMSEC variety to generate the unencryptedtelemetry, to generate an antenna pointing location for each of at leastone antenna associated with each of at least one customer by using theunencrypted telemetry, and to transmit the antenna pointing location foreach of at least one antenna associated with each of at least onecustomer respectively to each of at least one customer.

In one or more embodiments, a method for secured multi-payload antennasoperators operations comprises generating, by an antenna operationscenter (AOC), AOC commands using an antenna location pointing requestfor each of at least one antenna associated with each of at least onecustomer. The method further comprises transmitting, by a satelliteoperation center (SOC), the AOC commands and SOC commands to a vehiclevia a ground antenna. In one or more embodiments, the SOC commands arerelated to at least one antenna associated with a host. Also, the methodcomprises generating, on the vehicle, customer antenna gimballingcommands by using the AOC commands. In addition, the method comprisesgenerating, on the vehicle, host antenna gimballing commands by usingthe SOC commands. Additionally, the method comprises gimballingrespectively each of at least one antenna associated with each of atleast one customer by using the customer antenna gimballing commands.Further, the method comprises gimballing respectively each of at leastone antenna associated with the host by using the host antennagimballing commands.

In one or more embodiments, a system for secured multi-payload antennasoperators operations comprising an antenna operations center (AOC) togenerate AOC commands using an antenna location pointing request foreach of at least one antenna associated with each of at least onecustomer. The system further comprises a satellite operation center(SOC) to transmit the AOC commands and SOC commands to a vehicle via aground antenna. In one or more embodiments, the SOC commands are relatedto at least one antenna associated with a host. The further systemcomprises the vehicle to generate customer antenna gimballing commandsby using the AOC commands and to generate host antenna gimballingcommands by using the SOC commands. Also, the system comprises each ofat least one antenna associated with each of at least one customergimballed respectively by using the customer antenna gimballingcommands. Further, the system comprises each of at least one antennaassociated with the host gimballed respectively by using the hostantenna gimballing commands.

The features, functions, and advantages can be achieved independently invarious embodiments of the present disclosure or may be combined in yetother embodiments.

DRAWINGS

These and other features, aspects, and advantages of the presentdisclosure will become better understood with regard to the followingdescription, appended claims, and accompanying drawings where:

FIG. 1 is a diagram showing the disclosed system for securedmulti-payload antennas operators operations utilizing an antennaoperations center (AOC), a satellite operation center (SOC) uplink, anda single communication security (COMSEC) variety for encryption, inaccordance with at least one embodiment of the present disclosure.

FIGS. 2A, 2B, 2C, and 2D together show a flow chart for the disclosedmethod for secured multi-payload antennas operators operations utilizingan AOC, a SOC uplink, and a single COMSEC variety for encryption, inaccordance with at least one embodiment of the present disclosure.

FIG. 3 is a diagram showing the disclosed system for securedmulti-payload antennas operators operations utilizing a client, a SOCuplink, and a single COMSEC variety for encryption, in accordance withat least one embodiment of the present disclosure.

FIGS. 4A, 4B, 4C, and 4D together show a flow chart for the disclosedmethod for secured multi-payload antennas operators operations utilizinga client, a SOC uplink, and a single COMSEC variety for encryption, inaccordance with at least one embodiment of the present disclosure.

FIG. 5 is a diagram showing the disclosed system for securedmulti-payload antennas operators operations utilizing an AOC uplink, aSOC, and a two COMSEC varieties for encryption, in accordance with atleast one embodiment of the present disclosure.

FIGS. 6A, 6B, 6C, and 6D together show a flow chart for the disclosedmethod for secured multi-payload antennas operators operations utilizingan AOC uplink, a SOC, and a two COMSEC varieties for encryption, inaccordance with at least one embodiment of the present disclosure.

FIG. 7 is a diagram showing the disclosed system for securedmulti-payload antennas operators operations utilizing a SOC uplink and asingle COMSEC variety for encryption, in accordance with at least oneembodiment of the present disclosure.

FIGS. 8A, 8B, 8C, and 8D together show a flow chart for the disclosedmethod for secured multi-payload antennas operators operations utilizinga SOC uplink and a single COMSEC variety for encryption, in accordancewith at least one embodiment of the present disclosure.

FIG. 9 is a diagram showing an exemplary graphical user interface (GUI)that may be employed for the disclosed system for secured multi-payloadantennas operators operations, in accordance with at least oneembodiment of the present disclosure.

DESCRIPTION

The methods and apparatus disclosed herein provide an operative systemfor secured multi-payload antennas operators operations. The system ofthe present disclosure allows for antenna operators to privately sharevehicle resources (e.g., satellite reflector antennas).

As previously mentioned above, currently, typical antennas (e.g.,reflector antennas) on a vehicle (e.g., a satellite) have the ability tobe steered (i.e. gimbaled) to change their pointing location (e.g., tochange their antenna beam boresight). All of this antenna steering iscommanded and controlled by a single satellite controller (e.g., a host)with no resource allocation privacy for customers utilizing antennas onthe vehicle.

The antennas (e.g., reflector antennas) of a satellite may be used bydifferent entities. For example, one or more antennas may be used by theowner of the satellite (i.e. the host), one or more customers, or somecombination thereof. For example, the owner of a satellite may leasedifferent antennas to different customers. In one example, one group ofantennas of the satellite may be leased to one customer, while a secondgroup of antennas may be leased to a second customer.

Leasing a satellite to multiple customers may increase the revenues thatan owner of a satellite can obtain. Further, a customer may use a subsetof the total resources in a satellite for a cost that is less than thecost for the customer to purchase and operate a satellite, to build andoperate a satellite, or to lease an entire satellite.

Customers of antennas of satellite systems desire independent andprivate operation of the satellite payload resources (e.g., satellitereflector antennas) from the owner/operator(s) (e.g., the host), suchthat the owner/operator(s) does not know how the payload customer isusing the resources (e.g., such that the owner/operator(s) does not knowwhere the antenna downlink transmissions are pointing, where thedownlink data is being transmitted, how often the downlink data is beingtransmitted, etc.). Currently, all commands to the satellite go throughthe owner/operator(s), where the customer provides the commands (oralternatively specifies their desired results) to the operator/owner(s),thereby allowing the owner/operator(s) to know all of the details aboutthe customer operations on the satellite. The owner/operator(s) thentransmits the appropriate commands to the satellite and the satellite isreconfigured accordingly. All commands are generally sent via a singlecommunication link.

The system of the present disclosure provides independent limitedcontrol to a non-owner/non-primary customer entity (e.g., a customer) toa predetermined portion of satellite payload resources (e.g., to one ormore satellite reflector antennas) by allowing, in one or moreembodiments, the customer to send unencrypted command type information(such as the latitude and longitude of the boresight of a downlinkantenna beam(s)) to a privacy-isolated intermediate Antenna OperationCenter (AOC). The AOC then uses the unencrypted command type informationto create encrypted payload commands to send to a Satellite OperatorCenter (SOC), who then sends the encrypted payload commands to thesatellite. Since the payload commands are encrypted, the SOC does notknow the details of the commands. After the satellite has beenreconfigured according to the commands (e.g., satellite reflectorantennas have each been gimballed according to the specified latitudeand longitude), the SOC receives encrypted telemetry commands from thesatellite. The SOC then unencrypts the encrypted telemetry commands, andsends the unencrypted telemetry commands to the AOC. The AOC transformsthe raw telemetry data to the particular command type informationinitially provided by the customer (e.g., the latitude and longitude ofthe boresight of a downlink antenna beam(s)), and then transmits thetransformed information to the customer.

In the following description, numerous details are set forth in order toprovide a more thorough description of the system. It will be apparent,however, to one skilled in the art, that the disclosed system may bepracticed without these specific details. In the other instances, wellknown features have not been described in detail so as not tounnecessarily obscure the system.

Embodiments of the present disclosure may be described herein in termsof functional and/or logical components and various processing steps. Itshould be appreciated that such components may be realized by any numberof hardware, software, and/or firmware components configured to performthe specified functions. For example, an embodiment of the presentdisclosure may employ various integrated circuit components (e.g.,memory elements, digital signal processing elements, logic elements,look-up tables, or the like), which may carry out a variety of functionsunder the control of one or more processors, microprocessors, or othercontrol devices. In addition, those skilled in the art will appreciatethat embodiments of the present disclosure may be practiced inconjunction with other components, and that the system described hereinis merely one example embodiment of the present disclosure.

For the sake of brevity, conventional techniques and components relatedto satellite communication systems, and other functional aspects of thesystem (and the individual operating components of the systems) may notbe described in detail herein. Furthermore, the connecting lines shownin the various figures contained herein are intended to representexample functional relationships and/or physical couplings between thevarious elements. It should be noted that many alternative or additionalfunctional relationships or physical connections may be present in anembodiment of the present disclosure.

FIG. 1 is a diagram 100 showing the disclosed system for securedmulti-payload antennas operators operations utilizing an antennaoperations center (AOC) 160, a satellite operation center (SOC) 150uplink 108, and a single communication security (COMSEC) variety (e.g.,COMSEC variety 1) for encryption, in accordance with at least oneembodiment of the present disclosure. In this figure, a vehicle 110, asatellite operation center (SOC) 150, an antenna operations center (AOC)160, and multiple customers 170 (i.e. n number of customers, where n isgreater than or equal to one) are shown. The customers 170 have eachleased at least one antenna 121 on the vehicle 110 from the owner of asatellite (i.e. the SOC 150 (i.e. the host)). It should be noted that insome embodiments, the customers 170 may lease all of the antennas 120,121 on the vehicle 110 from the owner of a satellite (i.e. the SOC 150).In these embodiments, the SOC commands, which will be discussed infurther detail below, will simply be unoperational commands ornonexistent.

Various different types of vehicles 110 may be employed for the vehicle110 including, but not limited to, an airborne vehicle. And, variousdifferent types of airborne vehicles may be employed for the vehicle 110including, but not limited to, a satellite, an aircraft, an unmannedaerial vehicle (UAV), and a space plane. Additionally, various differenttypes of satellites may be employed for the vehicle 110 including, butnot limited to geosynchronous earth orbit (GEO) satellites, medium earthorbit (MEO), lower earth orbit (LEO), and highly elliptical orbit (HEO)satellites.

During operation, each customer 170 generates an antenna pointingrequest for each antenna 121 associated with the customer 170. Forexample, Customer #1 170 generates an antenna pointing request for theCustomer #1 assigned antenna 121 on the vehicle 110. There may bevarious different ways the customer 170 generates the antenna pointingrequest. In one or more embodiments, the customer 170 utilizes agraphical user interface (GUI) (e.g., at the customer's 170 remotelocation) to select (or input) a specific latitude and longitudelocation for the boresight of the antenna beam for each antenna on thevehicle 110 that the customer is leasing. One example GUI that may beemployed is shown in FIG. 9.

FIG. 9 is a diagram 900 showing an exemplary graphical user interface(GUI) that may be employed for the disclosed system for securedmulti-payload antennas operators operations, in accordance with at leastone embodiment of the present disclosure. In this figure, a computerscreen 910 is shown to be displaying input boxes for the latitude andlongitude of the desired location of the boresight of the antenna beamfor six different antennas. In one or more embodiments, the customer mayuse the mouse 920 (or some other means) to select which input box totype in a desired latitude and longitude for a boresight of an antennathat the customer is using on the vehicle 110. Then, the customer maysimply type in the latitude number and longitude number for the desiredlocation. For example, if the customer is using Antenna 1 and desiresthe boresight of the antenna beam for Antenna 1 to be located in Berlin,Germany, the customer will type in “52.520007” degrees in the Latitudeinput box for Antenna 1 and type in “13.404954” degrees in the Longitudeinput box for Antenna 1. In some embodiments, after doing so, thecomputer screen 910 will display the corresponding antenna beamboresight location on a map.

Referring back to FIG. 1, after each customer 170 generates an antennapointing request (e.g., a specific latitude and longitude location forthe boresight of the antenna beam) for each antenna 121 associated withthe customer 170, each customer 170 then transmits 105 (e.g., via a webbrowser over the internet (e.g., via a terrestrial link with Internetprotocol security (IPsec) over a virtual private network (VPN)) theirantenna pointing requests to the AOC 160. In one or more embodiments,the antenna pointing requests are transmitted 105 without encryption.However, in other embodiments, there may be a point-to-point encryptionutilized between the customers 170 and the AOC 160.

After the AOC 160 receives the antenna pointing requests from thecustomers 170, the AOC 160 generates unencrypted AOC commands using theantenna pointing requests. The unencrypted AOC commands are commandsthat are used to command the gimballing mechanism for each antenna 121associated with a customer 170 according to their respective antennapointing requests. For example, if Customer #1 170 has specified thatthe Customer #1 assigned antenna 121 should be gimballed such that thelatitude and longitude of the antenna beam of the Customer #1 assignedantenna 121 be located at Berlin, Germany, and the latitude andlongitude of the antenna beam of the Customer #1 assigned antenna 121 iscurrently at London, England; the unencrypted AOC commands will specifythat the gimballing mechanism (e.g., stepper motor) on the vehicle 110gimbal (i.e. steer) the Customer #1 assigned antenna 121 accordingly(e.g., ten steps in azimuth and one step in elevation).

After the AOC 160 has generated the unencrypted AOC commands, the AOC160 transmits 106 (e.g., via a terrestrial link with internet protocolsecurity (IPsec) over a virtual private network (VPN)) the unencryptedAOC commands to the SOC 150. The SOC 150 then encrypts the unencryptedAOC commands utilizing a communication security (COMSEC) variety togenerate encrypted AOC commands. It should be noted that the COMSECvariety may include at least one encryption key and/or at least onealgorithm (e.g., a Type 1 encryption algorithm or a Type 2 encryptionalgorithm).

The SOC 150 also encrypts unencrypted SOC commands using the COMSECvariety to generate encrypted SOC commands. It should be noted that theunencrypted SOC commands are commands that are used to command thegimballing mechanism for each antenna 120 associated with the host (i.e.the SOC 150) according to the host's respective antenna pointingrequests. Similar to the unencrypted AOC commands, the unencrypted SOCcommands will specify that the gimballing mechanism (e.g., steppermotor) on the vehicle 110 gimbal (i.e. steer) each host assigned antenna120 accordingly.

The SOC 150 will then transmit 107 (e.g., via a terrestrial link withinternet protocol security (IPsec) over a virtual private network (VPN))the encrypted AOC commands and the encrypted SOC commands to a groundantenna 130. It should be noted that, although in FIG. 1 the SOC 150 isdepicted to be located far from the ground antenna 130, in someembodiments, the ground antenna 130 may be located right next to the SOC150.

Then, the ground antenna 130 transmits 108 the encrypted AOC commandsand the encrypted SOC commands to the vehicle 110. The ground antenna130 transmits 108 the encrypted AOC commands and the encrypted SOCcommands utilizing an out-of-band frequency band(s) (i.e. a frequencyband(s) that is not the same frequency band(s) utilized by the antennas120, 121 to transmit payload data). A command receiver 140 on thevehicle 110 receives the encrypted AOC commands and the encrypted SOCcommands. It should be noted that in other embodiments, the disclosedsystem may employ more than one command receiver 140 than as is shown inFIG. 1.

The command receiver 140 then transmits 109 the encrypted AOC commandsand the encrypted SOC commands to a communication security module 145.The communication security module 145 decrypts the encrypted AOCcommands utilizing the COMSEC variety to generate the unencrypted AOCcommands. Also, the communication security module 145 decrypts theencrypted SOC commands utilizing the COMSEC variety (e.g., COMSECVariety 1) to generate the unencrypted SOC commands.

It should be noted that the communication security module 145 maycomprise one or more modules. In addition, the communication securitymodule 145 may comprise one or more processors.

The communication security module 145 then transmits 101, 111 theunencrypted AOC commands and the unencrypted SOC commands to at leastone processor 155. The processor(s) 155 then generates customer antennagimballing commands (e.g., machine commands for the gimballing mechanismstepper motor for each antenna) for each customer antenna 121 by usingthe unencrypted AOC commands. The processor(s) 155 also generates hostantenna gimballing commands (e.g., machine commands for the gimballingmechanism stepper motor for each antenna) for each host antenna 120 byusing the unencrypted SOC commands.

The processor(s) 155 then transmits 112 the customer antenna gimballingcommands respectively to each customer antenna 121. The gimballingmechanism for each customer antenna 121 gimbals (i.e. steers) itsrespective customer antenna 121 according to its specific customerantenna gimballing commands. Each customer antenna 121 transmits payloaddata in its respective antenna beam to at least one customer receivingantenna 190 on the ground.

The processor(s) 155 also transmits 112 the host antenna gimballingcommands respectively to each host antenna 120. The gimballing mechanismfor each host antenna 120 gimbals (i.e. steers) its respective hostantenna 120 according to its specific host antenna gimballing commands.Each host antenna 120 transmits payload data in its respective antennabeam to at least one host receiving antenna 185 on the ground.

It should be noted that in one or more embodiments, each customerantenna 121 and/or each host antenna 120 comprise a reflector and agimballing mechanism to gimbal (i.e. steer) the reflector. In someembodiments, each customer antenna 121 and/or each host antenna 120comprise at least two reflectors (i.e. a main reflector and at least onesubreflector) and a gimballing mechanism to gimbal (i.e. steer) the mainreflector. It should be noted that the main reflector and/or thesubreflector(s) may be parabolic reflectors or shaped reflectors. In theembodiments where each customer antenna 121 and/or each host antenna 120comprise two reflectors (i.e. a main reflector and one subreflector) anda gimballing mechanism to gimbal (i.e. steer) the main reflector, thereflectors (i.e. the main reflector and the subreflector) may bearranged in a Gregorian reflector antenna configuration or a Cassegrainantenna configuration. In other embodiments, each customer antenna 121and/or each host antenna 120 comprise at least one direct radiating hornantenna (e.g., an array of horn antennas) and a gimballing mechanism togimbal (i.e. steer) the direct radiating horn antenna(s) (e.g., thegimballing mechanism gimbals the horns individually or the gimballingmechanism gimbals a platform, where the direct radiating horn antennasare mounted onto the platform).

Then, each customer antenna 121 and each host antenna 120 transmit 113antenna gimballing telemetry (e.g., machine telemetry indicating thatthe antenna has been gimballed accordingly) from their respectivegimballing mechanisms to the processor(s) 155. The processor(s) 155 thengenerates unencrypted telemetry by using the gimballing telemetry.

Then, the processor(s) 155 transmits 114 the unencrypted telemetry tothe communication security module 145. The communication security module145 encrypts the unencrypted telemetry using the COMSEC variety (e.g.,COMSEC variety 1) to generate encrypted telemetry. Then thecommunication security module 145 transmits 115 the encrypted telemetryto a telemetry transmitter 165. It should be noted that in otherembodiments, the disclosed system may employ more than one telemetrytransmitter 165 than as is shown in FIG. 1.

Then, the telemetry transmitter 165 transmits 116 the encryptedtelemetry to the ground antenna 130. The telemetry transmitter 165transmits 116 the encrypted telemetry utilizing an out-of-band frequencyband(s) (i.e. a frequency band(s) that is not the same frequency band(s)utilized by the antennas 120, 121 to transmit payload data).

The ground antenna 130 then transmits 117 (e.g., via a terrestrial linkwith internet protocol security (IPsec) over a virtual private network(VPN)) the encrypted telemetry to the SOC 150. The SOC 150 then decryptsthe encrypted telemetry using the COMSEC variety to generate theunencrypted telemetry. The SOC 150 then utilizes a database thatcomprises host antenna decommutated information and does not comprisecustomer antenna decornmutated information (i.e. a database withoutcustomer antenna decommutated information) to read to unencryptedtelemetry to determine the telemetry data related to the antenna(s) 120that is utilized by the SOC 150 (i.e. the host).

Then, the SOC 150 transmits 118 (e.g., via a terrestrial link withinternet protocol security (IPsec) over a virtual private network (VPN))the unencrypted telemetry to the AOC 160. The AOC 160 then utilizes adatabase that comprises customer antenna decommutated information anddoes not comprise host antenna decommutated information (i.e. a databasewithout host antenna decommutated information) to read to unencryptedtelemetry to determine the telemetry data related to the antenna(s) 121that is utilized by the customers 170. The AOC 160 then generates anantenna pointing location (e.g., the specific latitude and longitudelocation for the boresight of the antenna beam) for each antenna 121associated with each customer 170 by using the unencrypted telemetry.Then, the AOC 160 transmits 119 (e.g., via a web browser over theInternet (e.g., via a terrestrial link with internet protocol security(IPsec) over a virtual private network (VPN)) the antenna pointinglocation for each antenna 121 associated with each customer 170respectively to each customer 170. Then, in one or more embodiments, theantenna pointing location (e.g., the specific latitude and longitudelocation for the boresight of the antenna beam) for each antenna 121associated with each customer 170 will be displayed respectively on acomputer screen 910 (refer to FIG. 9) associated with each customer 170.

FIGS. 2A, 2B, 2C, and 2D together show a flow chart for the disclosedmethod for secured multi-payload antennas operators operations utilizingan AOC, a SOC uplink, and a single COMSEC variety for encryption, inaccordance with at least one embodiment of the present disclosure. Atthe start 200 of the method, at least one customer transmits an antennalocation pointing request for each of at least one antenna associatedwith each of at least one customer to an antenna operations center (AOC)205. Then, the AOC generates unencrypted AOC commands using the antennalocation pointing request for each of at least one antenna 210. The AOCthen transmits the unencrypted AOC commands to a satellite operationcenter (SOC) 215. Then, the SOC encrypts the unencrypted AOC commandsutilizing a communication security (COMSEC) variety to generateencrypted AOC commands 220. The SOC also encrypts the unencrypted SOCcommands utilizing the COMSEC variety to generate encrypted SOCcommands, where the unencrypted SOC commands are related to at least oneantenna associated with a host 225. The SOC then transmits the encryptedAOC commands and the encrypted SOC commands to a ground antenna 230. Theground antenna then transmits the encrypted AOC commands and theencrypted SOC commands to at least one command receiver on a vehicle235.

Then, at least one command receiver on the vehicle transmits theencrypted AOC commands and the encrypted SOC commands to a communicationsecurity module on the vehicle 240. The communication security module onthe vehicle then decrypts the encrypted AOC commands utilizing theCOMSEC variety to generate the unencrypted AOC commands 245. Thecommunication security module on the vehicle also decrypts the encryptedSOC commands utilizing the COMSEC variety to generate the unencryptedSOC commands 250. Then, the communication security module on the vehicletransmits the unencrypted AOC commands and the unencrypted SOC commandsto at least one processor on the vehicle 255. At least one processorthen generates customer antenna gimballing commands for each respectiveat least one antenna associated with each of at least one customer byusing the unencrypted AOC commands 260. Also, at least one processorgenerates host antenna gimballing commands for each respective at leastone antenna associated with the host by using the unencrypted SOCcommands 265. At least one processor transmits the customer antennagimbaling commands respectively to each of at least one antennaassociated with each of at least one customer 270. Also, at least oneprocessor transmits the host antenna gimballing commands respectively toeach of at least one antenna associated with the host 275. Then, each ofat least one antenna associated with each of at least one customer isrespectively gimballed by using the customer antenna gimballing commands280. Also, each of at least one antenna associated with the host isrespectively gimballed using the host gimballing commands 281.

Then, each of at least one antenna associated with each of at least onecustomer and each of at least one antenna associated with the hosttransmit antenna transmit gimballing telemetry to at least one processor282. At least one processor then generates unencrypted telemetry byusing the antenna gimballing telemetry 283. Then, at least one processortransmits the unencrypted telemetry to the communication security module284. The communication security module then encrypts the unencryptedtelemetry using the COMSEC variety to generate encrypted telemetry 285.Then, the communication security module transmits the encryptedtelemetry to at least one telemetry transmitter 286. At least onetelemetry transmitter then transmits the encrypted telemetry to theground antenna 287.

The ground antenna then transmits the encrypted telemetry to the SOC288. Then, the SOC decrypts the encrypted telemetry utilizing the COMSECvariety to generate the unencrypted telemetry 289. The SOC thentransmits the unencrypted telemetry to the AOC 290. Then, the AOCgenerates an antenna pointing location for each of at least one antennaassociated with each of at least one customer by using the encryptedtelemetry 291. The AOC then transmits the antenna pointing location foreach of at least one antenna associated with each of at least onecustomer respectively to each of at least one customer 292. Then, themethod ends 293.

FIG. 3 is a diagram 300 showing the disclosed system for securedmulti-payload antennas operators operations utilizing a client (e.g., aworkstation (w/s)) 360, a SOC uplink 308, and a single COMSEC variety(e.g., COMSEC variety 1) for encryption, in accordance with at least oneembodiment of the present disclosure. In this figure, a vehicle 310, asatellite operation center (SOC) 351 (i.e. comprising a SOC primaryserver 350 and a client (e.g., a workstation (w/s)) 360), and multiplecustomers 370 (i.e. n number of customers, where n is greater than orequal to one) are shown. The customers 370 have each leased at least oneantenna 321 on the vehicle 310 from the owner of a satellite (i.e. theSOC 351 (i.e. the host)). It should be noted that in some embodiments,the customers 370 may lease all of the antennas 320, 321 on the vehicle310 from the owner of a satellite (i.e. the SOC 351). In theseembodiments, the SOC commands, which will be discussed in further detailbelow, will simply be unoperational commands or nonexistent.

Various different types of vehicles 310 may be employed for the vehicle310 including, but not limited to, an airborne vehicle. And, variousdifferent types of airborne vehicles may be employed for the vehicle 310including, but not limited to, a satellite, an aircraft, an unmannedaerial vehicle (UAV), and a space plane. Additionally, various differenttypes of satellites may be employed for the vehicle 310 including, butnot limited to geosynchronous earth orbit (GEO) satellites, medium earthorbit (MEO), lower earth orbit (LEO), and highly elliptical orbit (HEO)satellites.

During operation, each customer 370 generates an antenna pointingrequest for each antenna 321 associated with the customer 370. Forexample, Customer #1 370 generates an antenna pointing request for theCustomer #1 assigned antenna 321 on the vehicle 310. There may bevarious different ways the customer 370 generates the antenna pointingrequest. In one or more embodiments, the customer 370 utilizes agraphical user interface (GUI) (e.g., at the customer's 370 remotelocation) to select (or input) a specific latitude and longitudelocation for the boresight of the antenna beam of for each antenna onthe vehicle 310 that the customer is leasing. One example GUI that maybe employed is shown in FIG. 9. A discussion regarding the details ofthe GUI in FIG. 9 can be found above.

After each customer 370 generates an antenna pointing request (e.g., aspecific latitude and longitude location for the boresight of theantenna beam) for each antenna 321 associated with the customer 370,each customer 370 then transmits 305 (e.g., via a web browser over theinternet (e.g., via a terrestrial link with internet protocol security(IPsec) over a virtual private network (VPN)) their antenna pointingrequests to the client 360. In one or more embodiments, the antennapointing requests are transmitted 305 without encryption. However, inother embodiments, there may be a point-to-point encryption utilizedbetween the customers 370 and the client 360.

It should be noted that the client 360 is located at or near the SOCprimary server 350. The client 360 serves as a buffer between thecustomers 370 and the SOC primary server 350 to add a layer of securityfor the SOC primary server 350.

After the client 360 receives the antenna pointing requests from thecustomers 370, the client 360 generates unencrypted customer commandsusing the antenna pointing requests. The unencrypted customer commandsare commands that are used to command the gimballing mechanism for eachantenna 321 associated with a customer 370 according to their respectiveantenna pointing requests. For example, if Customer #1 370 has specifiedthat the Customer #1 assigned antenna 321 should be gimballed such thatthe latitude and longitude of the antenna beam of the Customer #1assigned antenna 321 be located at Berlin, Germany, and the latitude andlongitude of the antenna beam of the Customer #1 assigned antenna 321 iscurrently at London, England; the unencrypted customer commands willspecify that the gimballing mechanism (e.g., stepper motor) on thevehicle 310 gimbal (i.e. steer) the Customer #1 assigned antenna 321accordingly (e.g., ten steps in azimuth and one step in elevation).

After the client 360 has generated the unencrypted customer commands,the client 360 transmits 306 the unencrypted customer commands to theSOC primary server 350. The SOC primary server 350 then encrypts theunencrypted customer commands utilizing a communication security(COMSEC) variety to generate encrypted customer commands. It should benoted that the COMSEC variety may include at least one encryption keyand/or at least one algorithm (e.g., a Type 1 encryption algorithm or aType 2 encryption algorithm).

The SOC primary server 350 also encrypts unencrypted SOC commands usingthe COMSEC variety to generate encrypted SOC commands. It should benoted that the unencrypted SOC commands are commands that are used tocommand the gimballing mechanism for each antenna 320 associated withthe host (i.e. the SOC 351) according to the host's respective antennapointing requests. Similar to the unencrypted customer commands, theunencrypted SOC commands will specify that the gimballing mechanism(e.g., stepper motor) on the vehicle 310 gimbal (i.e. steer) each hostassigned antenna 320 accordingly.

The SOC primary server 350 will then transmit 307 (e.g., via aterrestrial link with internet protocol security (IPsec) over a virtualprivate network (VPN)) the encrypted customer commands and the encryptedSOC commands to a ground antenna 330. It should be noted that, althoughin FIG. 3 the SOC 351 is depicted to be located far from the groundantenna 330, in some embodiments, the ground antenna 330 may be locatedright next to the SOC 351.

Then, the ground antenna 330 transmits 308 the encrypted customercommands and the encrypted SOC commands to the vehicle 310. The groundantenna 330 transmits 308 the encrypted customer commands and theencrypted SOC commands utilizing an out-of-band frequency band(s) (i.e.a frequency band(s) that is not the same frequency band(s) utilized bythe antennas 320, 321 to transmit payload data). A command receiver 340on the vehicle 310 receives the encrypted customer commands and theencrypted SOC commands. It should be noted that in other embodiments,the disclosed system may employ more than one command receiver 340 thanas is shown in FIG. 3.

The command receiver 340 then transmits 309 the encrypted customercommands and the encrypted SOC commands to a communication securitymodule 345. The communication security module 345 decrypts the encryptedcustomer commands utilizing the COMSEC variety to generate theunencrypted customer commands. Also, the communication security module345 decrypts the encrypted SOC commands utilizing the COMSEC variety(e.g., COMSEC Variety 1) to generate the unencrypted SOC commands.

It should be noted that the communication security module 345 maycomprise one or more modules. In addition, the communication securitymodule 345 may comprise one or more processors.

The communication security module 345 then transmits 301 the unencryptedcustomer commands and the unencrypted SOC commands to at least oneprocessor 355. The processor(s) 355 then generates customer antennagimballing commands (e.g., machine commands for the gimballing mechanismstepper motor for each antenna) for each customer antenna 321 by usingthe unencrypted customer commands. The processor(s) 355 also generateshost antenna gimballing commands (e.g., machine commands for thegimballing mechanism stepper motor for each antenna) for each hostantenna 320 by using the unencrypted SOC commands.

The processor(s) 355 then transmits 312 the customer antenna gimballingcommands respectively to each customer antenna 321. The gimballingmechanism for each customer antenna 321 gimbals (i.e. steers) itsrespective customer antenna 321 according to its specific customerantenna gimballing commands. Each customer antenna 321 transmits payloaddata in its respective antenna beam to at least one customer receivingantenna 390 on the ground.

The processor(s) 355 also transmits 312 the host antenna gimballingcommands respectively to each host antenna 320. The gimballing mechanismfor each host antenna 320 gimbals (i.e. steers) its respective hostantenna 320 according to its specific host antenna gimballing commands.Each host antenna 320 transmits payload data in its respective antennabeam to at least one host receiving antenna 385 on the ground.

It should be noted that in one or more embodiments, each customerantenna 321 and/or each host antenna 320 comprise a reflector and agimballing mechanism to gimbal (i.e. steer) the reflector. In someembodiments, each customer antenna 321 and/or each host antenna 320comprise at least two reflectors (i.e. a main reflector and at least onesubreflector) and a gimballing mechanism to gimbal (i.e. steer) the mainreflector. It should be noted that the main reflector and/or thesubreflector(s) may be parabolic reflectors or shaped reflectors. In theembodiments where each customer antenna 321 and/or each host antenna 320comprise two reflectors (i.e. a main reflector and one subreflector) anda gimballing mechanism to gimbal (i.e. steer) the main reflector, thereflectors (i.e. the main reflector and the subreflector) may bearranged in a Gregorian reflector antenna configuration or a Cassegrainantenna configuration. In other embodiments, each customer antenna 321and/or each host antenna 320 comprise at least one direct radiating hornantenna (e.g., an array of horn antennas) and a gimballing mechanism togimbal (i.e. steer) the direct radiating horn antenna(s) (e.g., thegimballing mechanism gimbals the horns individually or the gimballingmechanism gimbals a platform, where the direct radiating horn antennasare mounted onto the platform).

Then, each customer antenna 321 and each host antenna 320 transmit 313antenna gimballing telemetry (e.g., machine telemetry indicating thatthe antenna has been gimballed accordingly) from their respectivegimballing mechanisms to the processor(s) 355. The processor(s) 355 thengenerates unencrypted telemetry by using the gimballing telemetry.

Then, the processor(s) 355 transmits 314 the unencrypted telemetry tothe communication security module 345. The communication security module345 encrypts the unencrypted telemetry using the COMSEC variety (e.g.,COMSEC variety 1) to generate encrypted telemetry. Then thecommunication security module 345 transmits 315 the encrypted telemetryto a telemetry transmitter 365. It should be noted that in otherembodiments, the disclosed system may employ more than one telemetrytransmitter 365 than as is shown in FIG. 3.

Then, the telemetry transmitter 365 transmits 316 the encryptedtelemetry to the ground antenna 330. The telemetry transmitter 365transmits 316 the encrypted telemetry utilizing an out-of-band frequencyband(s) (i.e. a frequency band(s) that is not the same frequency band(s)utilized by the antennas 320, 321 to transmit payload data).

The ground antenna 330 then transmits 317 (e.g., via a terrestrial linkwith internet protocol security (IPsec) over a virtual private network(VPN)) the encrypted telemetry to the SOC primary server 350. The SOCprimary server 350 then decrypts the encrypted telemetry using theCOMSEC variety to generate the unencrypted telemetry. The SOC primaryserver 350 then utilizes a database that comprises host antennadecommutated information and does not comprise customer antennadecommutated information (i.e. a database without customer antennadecommutated information) to read to unencrypted telemetry to determinethe telemetry data related to the antenna(s) 320 that is utilized by theSOC 351 (i.e. the host).

Then, the SOC primary server 350 transmits 318 the unencrypted telemetryto the client 360. The client 360 then utilizes a database thatcomprises customer antenna decommutated information and does notcomprise host antenna decommutated information (i.e. a database withouthost antenna decommutated information) to read to unencrypted telemetryto determine the telemetry data related to the antenna(s) 321 that isutilized by the customers 370. The client 360 then generates an antennapointing location (e.g., the specific latitude and longitude locationfor the boresight of the antenna beam) for each antenna 321 associatedwith each customer 370 by using the unencrypted telemetry. Then, theclient 360 transmits 319 (e.g., via a web browser over the internet(e.g., via a terrestrial link with internet protocol security (IPsec)over a virtual private network (VPN)) the antenna pointing location foreach antenna 321 associated with each customer 370 respectively to eachcustomer 370. Then, in one or more embodiments, the antenna pointinglocation (e.g., the specific latitude and longitude location for theboresight of the antenna beam) for each antenna 321 associated with eachcustomer 370 will be displayed respectively on a computer screen 910(refer to FIG. 9) associated with each customer 370.

FIGS. 4A, 4B, 4C, and 4D together show a flow chart for the disclosedmethod for secured multi-payload antennas operators operations utilizinga client, a SOC uplink, and a single COMSEC variety for encryption, inaccordance with at least one embodiment of the present disclosure. Atthe start 400 of the method, at least one customer transmits an antennalocation pointing request for each of at least one antenna associatedwith each of at least one customer to a client 405. Then, the clientgenerates unencrypted customer commands using the antenna locationpointing request for each of at least one antenna 410. The client thentransmits the unencrypted customer commands to a satellite operationcenter (SOC) primary server 415. Then, the SOC primary server encryptsthe unencrypted customer commands utilizing a communication security(COMSEC) variety to generate encrypted customer commands 420. Also, theSOC primary server encrypts unencrypted SOC commands utilizing theCOMSEC variety to generate encrypted SOC commands, where the unencryptedSOC commands are related to at least one antenna associated with a host425. Then, the SOC transmits the encrypted customer commands and theencrypted SOC commands to a ground antenna 430. Then, the ground antennatransmits the encrypted customer commands and the encrypted SOC commandsto at least one command receiver on the vehicle 435.

At least one command receiver on the vehicle then transmits theencrypted customer commands and the encrypted SOC commands to acommunication security module on the vehicle 440. The communicationsecurity module on the vehicle then decrypts the encrypted customercommands utilizing the COMSEC variety to generate the unencryptedcustomer commands 445. Also, the communication security module on thevehicle decrypts the encrypted SOC commands utilizing the COMSEC varietyto generate unencrypted SOC commands 450. Then, the communicationsecurity module on the vehicle transmits the unencrypted customercommands and the unencrypted SOC commands to at least one processor onthe vehicle 455. At least one processor then generates customer antennagimballing commands for each respective at least one antenna associatedwith each of at least one customer by using the unencrypted customercommands 460. Also, at least one processor generates host antennagimballing commands for each respective at least one antenna associatedwith the host by using the unencrypted SOC commands 465. At least oneprocessor then transmits the customer antenna gimballing commandsrespectively to each of at least one antenna associated with each of atleast one customer 470. Also, at least one processor transmits the hostantenna gimballing commands respectively to each of at least one antennaassociated with the host 475. Then, each of at least one antennaassociated with each of at least one customer is respectively gimballedby using the customer antenna gimballing commands 480. Also, each of atleast one antenna associated with the host is respectively gimballed byusing the host antenna gimballing commands 481.

Then, each of at least one antenna associated with each of at least onecustomer and each of at least one antenna associated with the hosttransmit antenna gimballing telemetry to at least one processor 482. Atleast one processor then generates unencrypted telemetry by using theantenna gimballing telemetry 483. Then, at least one processor transmitsthe unencrypted telemetry to the communication security module 484. Thecommunication security module then encrypts the unencrypted telemetryusing the COMSEC variety to generate encrypted telemetry 485. Then, thecommunication security module transmits the encrypted telemetry to atleast one telemetry transmitter 486. Then, at least one telemetrytransmitter transmits the encrypted telemetry to the ground antenna 487.

Then, the ground antenna transmits the encrypted telemetry to the SOCprimary server 488. The SOC primary server then decrypts the encryptedtelemetry utilizing the COMSEC variety to generate the unencryptedtelemetry 489. Then, the SOC primary server transmits the unencryptedtelemetry to the client 490. The client then generates an antennapointing location for each of at least one antenna associated with eachof at least one customer by using the unencrypted telemetry 491. Then,the client transmits the antenna pointing location for each of at leastone antenna associated with each of at least one customer respectivelyto each of at least one customer 492. Then, the method ends 493.

FIG. 5 is a diagram 500 showing the disclosed system for securedmulti-payload antennas operators operations utilizing an AOC 560 uplink508, a SOC 550, and a two COMSEC varieties (e.g., COMSEC variety 1 andCOMSEC variety 2) for encryption, in accordance with at least oneembodiment of the present disclosure. In this figure, a vehicle 510, asatellite operation center (SOC) 550, an antenna operations center (AOC)560, and multiple customers 570 (i.e. n number of customers, where n isgreater than or equal to one) are shown. The customers 570 have eachleased at least one antenna 521 on the vehicle 510 from the owner of asatellite (i.e. the SOC 550 (i.e. the host)). It should be noted that insome embodiments, the customers 570 may lease all of the antennas 520,521 on the vehicle 510 from the owner of a satellite (i.e. the SOC 550).In these embodiments, the SOC commands, which will be discussed infurther detail below, will simply be unoperational commands ornonexistent.

Various different types of vehicles 510 may be employed for the vehicle510 including, but not limited to, an airborne vehicle. And, variousdifferent types of airborne vehicles may be employed for the vehicle 510including, but not limited to, a satellite, an aircraft, an unmannedaerial vehicle (UAV), and a space plane. Additionally, various differenttypes of satellites may be employed for the vehicle 510 including, butnot limited to geosynchronous earth orbit (GEO) satellites, medium earthorbit (MEO), lower earth orbit (LEO), and highly elliptical orbit (HEO)satellites.

During operation, each customer 570 generates an antenna pointingrequest for each antenna 521 associated with the customer 570. Forexample, Customer #1 570 generates an antenna pointing request for theCustomer #1 assigned antenna 521 on the vehicle 510. There may bevarious different ways the customer 570 generates the antenna pointingrequest. In one or more embodiments, the customer 570 utilizes agraphical user interface (GUI) (e.g., at the customer's 570 remotelocation) to select (or input) a specific latitude and longitudelocation for the boresight of the antenna beam of for each antenna onthe vehicle 510 that the customer is leasing. One example GUI that maybe employed is shown in FIG. 9. A discussion regarding the details ofthe GUI in FIG. 9 can be found above.

After each customer 570 generates an antenna pointing request (e.g., aspecific latitude and longitude location for the boresight of theantenna beam) for each antenna 521 associated with the customer 570,each customer 570 then transmits 505 (e.g., via a web browser over theinternet (e.g., via a terrestrial link with internet protocol security(IPsec) over a virtual private network (VPN)) their antenna pointingrequests to the AOC 560. In one or more embodiments, the antennapointing requests are transmitted 505 without encryption. However, inother embodiments, there may be a point-to-point encryption utilizedbetween the customers 570 and the AOC 560.

After the AOC 560 receives the antenna pointing requests from thecustomers 570, the AOC 560 generates unencrypted AOC commands using theantenna pointing requests. The unencrypted AOC commands are commandsthat are used to command the gimballing mechanism for each antenna 521associated with a customer 570 according to their respective antennapointing requests. For example, if Customer #1 570 has specified thatthe Customer #1 assigned antenna 521 should be gimballed such that thelatitude and longitude of the antenna beam of the Customer #1 assignedantenna 521 be located at Berlin, Germany, and the latitude andlongitude of the antenna beam of the Customer #1 assigned antenna 521 iscurrently at London, England; the unencrypted AOC commands will specifythat the gimballing mechanism (e.g., stepper motor) on the vehicle 510gimbal (i.e. steer) the Customer #1 assigned antenna 521 accordingly(e.g., ten steps in azimuth and one step in elevation).

After the AOC 560 has generated the unencrypted AOC commands, the AOC560 then encrypts the unencrypted AOC commands utilizing a secondcommunication security (COMSEC) variety (e.g., COMSEC Variety 2) togenerate encrypted AOC commands. It should be noted that the secondCOMSEC variety may include at least one encryption key and/or at leastone algorithm (e.g., a Type 1 encryption algorithm or a Type 2encryption algorithm).

The SOC 550 also encrypts unencrypted SOC commands using a first COMSECvariety (e.g., COMSEC Variety 1) to generate encrypted SOC commands. Itshould be noted that the unencrypted SOC commands are commands that areused to command the gimballing mechanism for each antenna 520 associatedwith the host (i.e. the SOC 550) according to the host's respectiveantenna pointing requests. Similar to the unencrypted AOC commands, theunencrypted SOC commands will specify that the gimballing mechanism(e.g., stepper motor) on the vehicle 510 gimbal (i.e. steer) each hostassigned antenna 520 accordingly.

The SOC 550 will then transmit 506 (e.g., via a terrestrial link withinternet protocol security (IPsec) over a virtual private network (VPN))the encrypted SOC commands to the AOC 560. The AOC 560 will thentransmit 507 (e.g., via a terrestrial link with Internet protocolsecurity (IPsec) over a virtual private network (VPN)) the encrypted AOCcommands and the encrypted SOC commands to a ground antenna 530. Itshould be noted that, although in FIG. 5 the AOC 560 is depicted to belocated far from the ground antenna 530, in some embodiments, the groundantenna 530 may be located right next to the AOC 560.

Then, the ground antenna 530 transmits 508 the encrypted AOC commandsand the encrypted SOC commands to the vehicle 510. The ground antenna530 transmits 508 the encrypted AOC commands and the encrypted SOCcommands utilizing an out-of-band frequency band(s) (i.e. a frequencyband(s) that is not the same frequency band(s) utilized by the antennas520, 521 to transmit payload data). A command receiver 540 on thevehicle 510 receives the encrypted AOC commands and the encrypted SOCcommands. It should be noted that in other embodiments, the disclosedsystem may employ more than one command receiver 540 than as is shown inFIG. 5.

The command receiver 540 then transmits 509 the encrypted AOC commandsto a second communication security module 546. The second communicationsecurity module 546 decrypts the encrypted AOC commands utilizing thesecond COMSEC variety to generate the unencrypted AOC commands. Itshould be noted that the second communication security module 546 maycomprise one or more modules. In addition, the second communicationsecurity module 546 may comprise one or more processors.

The command receiver 540 also transmits 522 the encrypted SOC commandsto a first communication security module 545. The first communicationsecurity module 545 decrypts the encrypted SOC commands utilizing thefirst COMSEC variety to generate the unencrypted SOC commands. It shouldbe noted that the first communication security module 545 may compriseone or more modules. In addition, the first communication securitymodule 545 may comprise one or more processors.

The second communication security module 546 then transmits 501 theunencrypted AOC commands to at least one processor 555. Also, the firstcommunication security module 545 then transmits 511 the unencrypted SOCcommands to the processor 555.

The processor(s) 555 then generates customer antenna gimballing commands(e.g., machine commands for the gimballing mechanism stepper motor foreach antenna) for each customer antenna 521 by using the unencrypted AOCcommands. The processor(s) 555 also generates host antenna gimballingcommands (e.g., machine commands for the gimballing mechanism steppermotor for each antenna) for each host antenna 520 by using theunencrypted SOC commands.

The processor(s) 555 then transmits 512 the customer antenna gimballingcommands respectively to each customer antenna 521. The gimballingmechanism for each customer antenna 521 gimbals (i.e. steers) itsrespective customer antenna 521 according to its specific customerantenna gimballing commands. Each customer antenna 521 transmits payloaddata in its respective antenna beam to at least one customer receivingantenna 590 on the ground.

The processor(s) 555 also transmits 512 the host antenna gimballingcommands respectively to each host antenna 520. The gimballing mechanismfor each host antenna 520 gimbals (i.e. steers) its respective hostantenna 520 according to its specific host antenna gimballing commands.Each host antenna 520 transmits payload data in its respective antennabeam to at least one host receiving antenna 585 on the ground.

It should be noted that in one or more embodiments, each customerantenna 521 and/or each host antenna 520 comprise a reflector and agimballing mechanism to gimbal (i.e. steer) the reflector. In someembodiments, each customer antenna 521 and/or each host antenna 520comprise at least two reflectors (i.e. a main reflector and at least onesubreflector) and a gimballing mechanism to gimbal (i.e. steer) the mainreflector. It should be noted that the main reflector and/or thesubreflector(s) may be parabolic reflectors or shaped reflectors. In theembodiments where each customer antenna 521 and/or each host antenna 520comprise two reflectors (i.e. a main reflector and one subreflector) anda gimballing mechanism to gimbal (i.e. steer) the main reflector, thereflectors (i.e. the main reflector and the subreflector) may bearranged in a Gregorian reflector antenna configuration or a Cassegrainantenna configuration. In other embodiments, each customer antenna 521and/or each host antenna 520 comprise at least one direct radiating hornantenna (e.g., an array of horn antennas) and a gimballing mechanism togimbal (i.e. steer) the direct radiating horn antenna(s) (e.g., thegimballing mechanism gimbals the horns individually or the gimballingmechanism gimbals a platform, where the direct radiating horn antennasare mounted onto the platform).

Then, each customer antenna 521 and each host antenna 520 transmit 513antenna gimballing telemetry (e.g., machine telemetry indicating thatthe antenna has been gimballed accordingly) from their respectivegimballing mechanisms to the processor(s) 555. The processor(s) 555 thengenerates unencrypted telemetry by using the gimballing telemetry.

Then, the processor(s) 555 transmits 514 the unencrypted telemetry tothe second communication security module 546. The second communicationsecurity module 546 encrypts the unencrypted telemetry using the secondCOMSEC variety (e.g., COMSEC variety 2) to generate encrypted telemetry.Then the second communication security module 546 transmits 515 theencrypted telemetry to a telemetry transmitter 565. It should be notedthat in other embodiments, the disclosed system may employ more than onetelemetry transmitter 565 than as is shown in FIG. 5.

Then, the telemetry transmitter 565 transmits 516 the encryptedtelemetry to the ground antenna 530. The telemetry transmitter 565transmits 516 the encrypted telemetry utilizing an out-of-band frequencyband(s) (i.e. a frequency band(s) that is not the same frequency band(s)utilized by the antennas 520, 521 to transmit payload data).

The ground antenna 530 then transmits 517 (e.g., via a terrestrial linkwith internet protocol security (IPsec) over a virtual private network(VPN)) the encrypted telemetry to the AOC 560. The AOC 560 then decryptsthe encrypted telemetry using the second COMSEC variety to generate theunencrypted telemetry. The AOC 560 then utilizes a database thatcomprises customer antenna decommutated information and does notcomprise host antenna decommutated information (i.e. a database withouthost antenna decommutated information) to read to unencrypted telemetryto determine the telemetry data related to the antenna(s) 521 that isutilized by the customers 570. The AOC 560 then generates an antennapointing location (e.g., the specific latitude and longitude locationfor the boresight of the antenna beam) for each antenna 521 associatedwith each customer 570 by using the unencrypted telemetry. Then, the AOC560 transmits 519 (e.g., via a web browser over the internet (e.g., viaa terrestrial link with internet protocol security (IPsec) over avirtual private network (VPN)) the antenna pointing location for eachantenna 521 associated with each customer 570 respectively to eachcustomer 570. Then, in one or more embodiments, the antenna pointinglocation (e.g., the specific latitude and longitude location for theboresight of the antenna beam) for each antenna 521 associated with eachcustomer 570 will be displayed respectively on a computer screen 910(refer to FIG. 9) associated with each customer 570.

The AOC 560 generates SOC telemetry (i.e. the telemetry data related tothe antenna(s) 520 that is utilized by the SOC 550 (i.e. the host)) byremoving all of the telemetry data related to the antenna(s) 521 that isutilized by the customers 570 from the unencrypted telemetry. Then, theAOC 560 transmits 518 (e.g., via a terrestrial link with internetprotocol security (IPsec) over a virtual private network (VPN)) the SOCtelemetry to the SOC 550.

FIGS. 6A, 6B, 6C, and 6D together show a flow chart for the disclosedmethod for secured multi-payload antennas operators operations utilizingan AOC uplink, a SOC, and a two COMSEC varieties for encryption, inaccordance with at least one embodiment of the present disclosure. Atthe start 600 of the method, at least one customer transmits an antennalocation pointing request for each of at least one antenna associatedwith each of at least one customer to an antenna operations center (AOC)605. Then, the AOC generates unencrypted AOC commands using the antennalocation pointing request for each of at least one antenna 610. The AOCthen encrypts the unencrypted AOC commands utilizing a secondcommunication security (COMSEC) variety to generate encrypted AOCcommands 615. A satellite operation center (SOC) encrypts unencryptedSOC commands utilizing a first COMSEC variety to generate encrypted SOCcommands, where the unencrypted SOC commands are related to at least oneantenna associated with a host 620. The SOC then transmits the encryptedSOC commands to the AOC 625. Then, the AOC transmits the encrypted AOCcommands and the encrypted SOC commands to a ground antenna 630. Theground antenna then transmits the encrypted AOC commands and theencrypted SOC commands to at least one command receiver on the vehicle635.

Then, at least one command receiver on the vehicle transmits theencrypted SOC commands to a first communication security module on thevehicle 640. The first communication security module on the vehicle thendecrypts the encrypted SOC commands utilizing the first COMSEC varietyto generate the unencrypted SOC commands 645. Then, the firstcommunication security module on the vehicle transmits the unencryptedSOC commands to at least one processor on the vehicle 650.

At least one command receiver on the vehicle also transmits theencrypted AOC commands to a second communication security module on thevehicle 655. The second communication security module on the vehiclethen decrypts the AOC commands utilizing the second COMSEC variety togenerate the unencrypted AOC commands 660. The second communicationsecurity module on the vehicle then transmits the unencrypted AOCcommands to at least one processor on the vehicle 665. At least oneprocessor then generates customer antenna gimballing commands for eachrespective at least one antenna associated with each of at least onecustomer by using the unencrypted AOC commands 670. Also, at least oneprocessor generates host antenna gimballing commands for each respectiveat least one antenna associated with the host by using the unencryptedSOC commands 675. Then, at least one processor transmits the customerantenna gimballing commands respectively to each of at least one antennaassociated with each of at least one customer 680. Also, at least oneprocessor transmits the host antenna gimballing commands respectively toeach of at least one antenna associated with the host 681. Then, each ofat least one antenna associated with each of at least one customer isrespectively gimballed by using the customer antenna gimballing commands682. Also, each of at least one antenna associated with the host isrespectively gimballed by using the host antenna gimballing commands683.

Then, each of at least one antenna associated with each of at least onecustomer and each of at least one antenna associated with the hosttransmits antenna gimballing telemetry to at least one processor 684. Atleast one processor then generates unencrypted telemetry by using theantenna gimballing telemetry 685. Then, at least one processor transmitsthe unencrypted telemetry to the second communication security module686. The second communication security module then encrypts theunencrypted telemetry using the second COMSEC variety to generateencrypted telemetry 687. Then, the second communication security moduletransmits the encrypted telemetry to at least one telemetry transmitter688. At least one telemetry transmitter then transmits the encryptedtelemetry to the ground antenna 689.

Then, the ground antenna transmits the encrypted telemetry to the AOC690. The AOC then decrypts the encrypted telemetry using the secondCOMSEC variety to generate the unencrypted telemetry 691. Then, the AOCgenerates an antenna pointing location telemetry for each of at leastone antenna associated with each of at least one customer by using theunencrypted telemetry 692. Then, the AOC transmits the antenna pointinglocation telemetry for each of at least one antenna associated with eachof at least one customer respectively to each of at least one customer693. The AOC then generates SOC telemetry by using the unencryptedtelemetry. The AOC then transmits the SOC telemetry to the SOC 695.Then, the method ends 696.

FIG. 7 is a diagram 700 showing the disclosed system for securedmulti-payload antennas operators operations utilizing a SOC 750 uplink708 and a single COMSEC variety (e.g., COMSEC variety 1) for encryption,in accordance with at least one embodiment of the present disclosure. Inthis figure, a vehicle 710, a satellite operation center (SOC) 750, andmultiple customers 770 (i.e. n number of customers, where n is greaterthan or equal to one) are shown. The customers 770 have each leased atleast one antenna 721 on the vehicle 710 from the owner of a satellite(i.e. the SOC 750 (i.e. the host)). It should be noted that in someembodiments, the customers 770 may lease all of the antennas 720, 721 onthe vehicle 710 from the owner of a satellite (i.e. the SOC 750). Inthese embodiments, the SOC commands, which will be discussed in furtherdetail below, will simply be unoperational commands or nonexistent.

Various different types of vehicles 710 may be employed for the vehicle710 including, but not limited to, an airborne vehicle. And, variousdifferent types of airborne vehicles may be employed for the vehicle 710including, but not limited to, a satellite, an aircraft, an unmannedaerial vehicle (UAV), and a space plane. Additionally, various differenttypes of satellites may be employed for the vehicle 710 including, butnot limited to geosynchronous earth orbit (GEO) satellites, medium earthorbit (MEO), lower earth orbit (LEO), and highly elliptical orbit (HEO)satellites.

During operation, each customer 770 generates an antenna pointingrequest for each antenna 721 associated with the customer 770. Forexample, Customer #1 770 generates an antenna pointing request for theCustomer #1 assigned antenna 721 on the vehicle 710. There may bevarious different ways the customer 770 generates the antenna pointingrequest. In one or more embodiments, the customer 770 utilizes agraphical user interface (GUI) (e.g., at the customer's 770 remotelocation) to select (or input) a specific latitude and longitudelocation for the boresight of the antenna beam of for each antenna onthe vehicle 710 that the customer is leasing. One example GUI that maybe employed is shown in FIG. 9. A discussion regarding the details ofthe GUI in FIG. 9 can be found above.

After each customer 770 generates an antenna pointing request (e.g., aspecific latitude and longitude location for the boresight of theantenna beam) for each antenna 721 associated with the customer 770,each customer 770 then transmits 705 (e.g., via a web browser over theinternet (e.g., via a terrestrial link with internet protocol security(IPsec) over a virtual private network (VPN)) their antenna pointingrequests to a secure portion of the SOC 750. In one or more embodiments,the antenna pointing requests are transmitted 705 without encryption.However, in other embodiments, there may be a point-to-point encryptionutilized between the customers 770 and the SOC 750.

After the SOC 750 receives the antenna pointing requests from thecustomers 770, in a secure portion of the SOC 750, the SOC 750 generatesunencrypted customer commands using the antenna pointing requests. Theunencrypted customer commands are commands that are used to command thegimballing mechanism for each antenna 721 associated with a customer 770according to their respective antenna pointing requests. For example, ifCustomer #1 770 has specified that the Customer #1 assigned antenna 721should be gimballed such that the latitude and longitude of the antennabeam of the Customer #1 assigned antenna 721 be located at Berlin,Germany, and the latitude and longitude of the antenna beam of theCustomer #1 assigned antenna 721 is currently at London, England; theunencrypted customer commands will specify that the gimballing mechanism(e.g., stepper motor) on the vehicle 710 gimbal (i.e. steer) theCustomer #1 assigned antenna 721 accordingly (e.g., ten steps in azimuthand one step in elevation).

After the SOC 750 has generated the unencrypted customer commands, in asecure portion of the SOC 750, the SOC 750 then encrypts the unencryptedcustomer commands utilizing a communication security (COMSEC) variety togenerate encrypted customer commands. It should be noted that the COMSECvariety may include at least one encryption key and/or at least onealgorithm (e.g., a Type 1 encryption algorithm or a Type 2 encryptionalgorithm).

The SOC 750 also encrypts unencrypted SOC commands using the COMSECvariety to generate encrypted SOC commands. It should be noted that theunencrypted SOC commands are commands that are used to command thegimballing mechanism for each antenna 720 associated with the host (i.e.the SOC 750) according to the host's respective antenna pointingrequests. Similar to the unencrypted customer commands, the unencryptedSOC commands will specify that the gimballing mechanism (e.g., steppermotor) on the vehicle 710 gimbal (i.e. steer) each host assigned antenna720 accordingly.

The SOC 750 will then transmit 707 (e.g., via a terrestrial link withinternet protocol security (IPsec) over a virtual private network (VPN))the encrypted customer commands and the encrypted SOC commands to aground antenna 730. It should be noted that, although in FIG. 7 the SOC750 is depicted to be located far from the ground antenna 730, in someembodiments, the ground antenna 730 may be located right next to the SOC750.

Then, the ground antenna 730 transmits 708 the encrypted customercommands and the encrypted SOC commands to the vehicle 710. The groundantenna 730 transmits 708 the encrypted customer commands and theencrypted SOC commands utilizing an out-of-band frequency band(s) (i.e.a frequency band(s) that is not the same frequency band(s) utilized bythe antennas 720, 721 to transmit payload data). A command receiver 740on the vehicle 710 receives the encrypted customer commands and theencrypted SOC commands. It should be noted that in other embodiments,the disclosed system may employ more than one command receiver 740 thanas is shown in FIG. 7.

The command receiver 740 then transmits 709 the encrypted customercommands and the encrypted SOC commands to a communication securitymodule 745. The communication security module 745 decrypts the encryptedcustomer commands utilizing the COMSEC variety to generate theunencrypted customer commands. Also, the communication security module745 decrypts the encrypted SOC commands utilizing the COMSEC variety(e.g., COMSEC Variety 1) to generate the unencrypted SOC commands.

It should be noted that the communication security module 745 maycomprise one or more modules. In addition, the communication securitymodule 745 may comprise one or more processors.

The communication security module 745 then transmits 701 the unencryptedcustomer commands and the unencrypted SOC commands to at least oneprocessor 755. The processor(s) 755 then generates customer antennagimballing commands (e.g., machine commands for the gimballing mechanismstepper motor for each antenna) for each customer antenna 721 by usingthe unencrypted customer commands. The processor(s) 755 also generateshost antenna gimballing commands (e.g., machine commands for thegimballing mechanism stepper motor for each antenna) for each hostantenna 720 by using the unencrypted SOC commands.

The processor(s) 755 then transmits 712 the customer antenna gimballingcommands respectively to each customer antenna 721. The gimballingmechanism for each customer antenna 721 gimbals (i.e. steers) itsrespective customer antenna 721 according to its specific customerantenna gimballing commands. Each customer antenna 721 transmits payloaddata in its respective antenna beam to at least one customer receivingantenna 790 on the ground.

The processor(s) 755 also transmits 712 the host antenna gimballingcommands respectively to each host antenna 720. The gimballing mechanismfor each host antenna 720 gimbals (i.e. steers) its respective hostantenna 720 according to its specific host antenna gimballing commands.Each host antenna 720 transmits payload data in its respective antennabeam to at least one host receiving antenna 785 on the ground.

It should be noted that in one or more embodiments, each customerantenna 721 and/or each host antenna 720 comprise a reflector and agimballing mechanism to gimbal (i.e. steer) the reflector. In someembodiments, each customer antenna 721 and/or each host antenna 720comprise at least two reflectors (i.e. a main reflector and at least onesubreflector) and a gimballing mechanism to gimbal (i.e. steer) the mainreflector. It should be noted that the main reflector and/or thesubreflector(s) may be parabolic reflectors or shaped reflectors. In theembodiments where each customer antenna 721 and/or each host antenna 720comprise two reflectors (i.e. a main reflector and one subreflector) anda gimballing mechanism to gimbal (i.e. steer) the main reflector, thereflectors (i.e. the main reflector and the subreflector) may bearranged in a Gregorian reflector antenna configuration or a Cassegrainantenna configuration. In other embodiments, each customer antenna 721and/or each host antenna 720 comprise at least one direct radiating hornantenna (e.g., an array of horn antennas) and a gimballing mechanism togimbal (i.e. steer) the direct radiating horn antenna(s) (e.g., thegimballing mechanism gimbals the horns individually or the gimballingmechanism gimbals a platform, where the direct radiating horn antennasare mounted onto the platform).

Then, each customer antenna 721 and each host antenna 720 transmit 713antenna gimballing telemetry (e.g., machine telemetry indicating thatthe antenna has been gimballed accordingly) from their respectivegimballing mechanisms to the processor(s) 755. The processor(s) 755 thengenerates unencrypted telemetry by using the gimballing telemetry.

Then, the processor(s) 755 transmits 714 the unencrypted telemetry tothe communication security module 745. The communication security module745 encrypts the unencrypted telemetry using the COMSEC variety (e.g.,COMSEC variety 1) to generate encrypted telemetry. Then thecommunication security module 745 transmits 715 the encrypted telemetryto a telemetry transmitter 765. It should be noted that in otherembodiments, the disclosed system may employ more than one telemetrytransmitter 765 than as is shown in FIG. 7.

Then, the telemetry transmitter 765 transmits 716 the encryptedtelemetry to the ground antenna 730. The telemetry transmitter 765transmits 716 the encrypted telemetry utilizing an out-of-band frequencyband(s) (i.e. a frequency band(s) that is not the same frequency band(s)utilized by the antennas 720, 721 to transmit payload data).

The ground antenna 730 then transmits 717 (e.g., via a terrestrial linkwith internet protocol security (IPsec) over a virtual private network(VPN)) the encrypted telemetry to the SOC 750. The SOC 750 then decryptsthe encrypted telemetry using the COMSEC variety to generate theunencrypted telemetry. The SOC 750 then utilizes a database thatcomprises host antenna decommutated information and does not comprisecustomer antenna decommutated information (i.e. a database withoutcustomer antenna decommutated information) to read to unencryptedtelemetry to determine the telemetry data related to the antenna(s) 720that is utilized by the SOC 750 (i.e. the host).

Then, in a secure portion of the SOC 750, the SOC 750 utilizes adatabase that comprises customer antenna decommutated information anddoes not comprise host antenna decommutated information (i.e. a databasewithout host antenna decommutated information) to read to unencryptedtelemetry to determine the telemetry data related to the antenna(s) 721that is utilized by the customers 770. In a secure portion of the SOC750, the SOC 750 then generates an antenna pointing location (e.g., thespecific latitude and longitude location for the boresight of theantenna beam) for each antenna 721 associated with each customer 770 byusing the unencrypted telemetry. Then, the SOC 750 transmits 719 (e.g.,via a web browser over the internet (e.g., via a terrestrial link withinternet protocol security (IPsec) over a virtual private network (VPN))the antenna pointing location for each antenna 721 associated with eachcustomer 770 respectively to each customer 770. Then, in one or moreembodiments, the antenna pointing location (e.g., the specific latitudeand longitude location for the boresight of the antenna beam) for eachantenna 721 associated with each customer 770 will be displayedrespectively on a computer screen 910 (refer to FIG. 9) associated witheach customer 770.

FIGS. 8A, 8B, 8C, and 8D together show a flow chart for the disclosedmethod for secured multi-payload antennas operators operations utilizinga SOC uplink and a single COMSEC variety for encryption, in accordancewith at least one embodiment of the present disclosure. At the start 800of the method, at least one customer transmits an antenna locationpointing request for each of at least one antenna associated with eachof at least one customer to a satellite operation center (SOC) 805.Then, the SOC generates unencrypted customer commands using the antennapointing location request for each of at least one antenna 810. The SOCthen encrypts the unencrypted customer commands utilizing acommunication security (COMSEC) variety to generate encrypted customercommands 815. The SOC also encrypts unencrypted SOC commands utilizingthe COMSEC variety to generate encrypted SOC commands, where theunencrypted SOC commands are related to at least one antenna associatedwith a host 820. Then, the SOC transmits the encrypted customer commandsand the encrypted SOC commands to a ground antenna 825. The groundantenna then transmits the encrypted customer commands and the encryptedSOC commands to at least one command receiver on a vehicle 830.

Then, at least one command receiver on the vehicle transmits theencrypted customer commands and the encrypted SOC commands to acommunication security module on the vehicle 835. The communicationsecurity module on the vehicle then decrypts the customer commandsutilizing the COMSEC variety to generate the unencrypted customercommands 840. Also, the communication security module on the vehicledecrypts the encrypted SOC commands utilizing the COMSEC variety togenerate the unencrypted SOC commands 845. Then, the communicationsecurity module on the vehicle transmits the unencrypted customercommands and the unencrypted SOC commands to at least one processor onthe vehicle 850. At least one processor then generates customer antennagimballing commands for each respective at least one antenna associatedwith each of at least one customer by using the unencrypted customercommands 855. At least one processor also generates host antennagimballing commands for each respective at least one antenna associatedwith the host by using the unencrypted SOC commands 860. Then, at leastone processor transmits the customer antenna gimballing commandsrespectively to each of at least one antenna associated with each of atleast one customer 865. At least one processor then transmits the hostantenna gimballing commands respectively to each of at least one antennaassociated with the host 870. Then, each of at least one antennaassociated with each of at least one customer is respectively gimballedby using the customer antenna gimballing commands 875. Also, each of atleast one antenna associated with the host is respectively gimballedusing the host antenna gimballing commands 880.

Then, each of at least one antenna associated with each of at least onecustomer and each of at least one antenna associated with the hosttransmit antenna gimballing telemetry to at least one processor 881.Then, at least one processor generates unencrypted telemetry by usingthe antenna gimballing telemetry 882. At least one processor thentransmits the unencrypted telemetry to the communication security module883. The communication security module then encrypts the unencryptedtelemetry using the COMSEC variety to generate encrypted telemetry 884.Then, the communication security module transmits the encryptedtelemetry to at least one telemetry transmitter 885. At least onetelemetry transmitter then transmits the encrypted telemetry to theground antenna 886.

Then, the ground antenna transmits the encrypted telemetry to the SOC887. The SOC then decrypts the encrypted telemetry by using the COMSECvariety to generate the unencrypted telemetry 888. Then, the SOCgenerates an antenna pointing location for each of at least one antennaassociated with each of at least one customer by using the unencryptedtelemetry 889. The SOC then transmits the antenna pointing location foreach of at least one antenna associated with each of at least onecustomer respectively to each of at least one customer 890. Then, themethod ends 895.

Although particular embodiments have been shown and described, it shouldbe understood that the above discussion is not intended to limit thescope of these embodiments. While embodiments and variations of the manyaspects of the invention have been disclosed and described herein, suchdisclosure is provided for purposes of explanation and illustrationonly. Thus, various changes and modifications may be made withoutdeparting from the scope of the claims.

Although particular embodiments have been shown and described, it shouldbe understood that the above discussion is not intended to limit thescope of these embodiments. While embodiments and variations of the manyaspects of the present disclosure have been disclosed and describedherein, such disclosure is provided for purposes of explanation andillustration only. Thus, various changes and modifications may be madewithout departing from the scope of the claims.

Where methods described above indicate certain events occurring incertain order, those of ordinary skill in the art having the benefit ofthis disclosure would recognize that the ordering may be modified andthat such modifications are in accordance with the variations of thepresent disclosure. Additionally, parts of methods may be performedconcurrently in a parallel process when possible, as well as performedsequentially. In addition, more parts or less part of the methods may beperformed.

Accordingly, embodiments are intended to exemplify alternatives,modifications, and equivalents that may fall within the scope of theclaims.

Although certain illustrative embodiments and methods have beendisclosed herein, it can be apparent from the foregoing disclosure tothose skilled in the art that variations and modifications of suchembodiments and methods can be made without departing from the truespirit and scope of the art disclosed. Many other examples of the artdisclosed exist, each differing from others in matters of detail only.Accordingly, it is intended that the art disclosed shall be limited onlyto the extent required by the appended claims and the rules andprinciples of applicable law.

We claim:
 1. A method for secured multi-payload antennas operatorsoperations, the method comprising: generating, by an antenna operationscenter (AOC), AOC commands using an antenna location pointing requestfor each of at least one antenna associated with each of at least onecustomer; transmitting, by a satellite operation center (SOC), the AOCcommands and SOC commands to a vehicle via a ground antenna, wherein theSOC commands are related to at least one antenna associated with a host;generating, on the vehicle, customer antenna gimballing commands byusing the AOC commands; generating, on the vehicle, host antennagimballing commands by using the SOC commands; gimballing respectivelyeach of the at least one antenna associated with each of the at leastone customer by using the customer antenna gimballing commands; andgimballing respectively each of the at least one antenna associated withthe host by using the host antenna gimballing commands.
 2. The method ofclaim 1, wherein the at least one antenna associated with each of the atleast one customer comprises at least one antenna reflector.
 3. Themethod of claim 1, wherein the at least one antenna associated with thehost comprises at least one antenna reflector.
 4. The method of claim 1,wherein the vehicle is one of a satellite, an aircraft, an unmannedaerial vehicle (UAV), or a space plane.
 5. The method of claim 4,wherein the satellite is one of a geosynchronous earth orbit (GEO)satellite, a medium earth orbit (MEO) satellite, a lower earth orbit(LEO) satellite, or a highly elliptical orbit (HEO) satellite.
 6. Themethod of claim 1, wherein the method further comprises generating, byeach of the at least one customer, the antenna location pointing requestfor each of the at least one antenna associated with each of the atleast one customer.
 7. The method of claim 6, wherein each of the atleast one customer utilizes a graphical user interface (GUI) to generatethe antenna location pointing request for each of the at least oneantenna associated with each of the at least one customer.
 8. The methodof claim 7, wherein each of the at least one customer indicates alongitude and latitude location for a boresight of an antenna beam foreach of the at least one antenna associated with each of the at leastone customer.
 9. The method of claim 8, wherein each of the at least onecustomer indicates the longitude and latitude location, for a boresightof an antenna beam for each of the at least one antenna associated witheach of the at least one customer, by inputting longitude and latitudenumerical values into at least one GUI.
 10. The method of claim 8,wherein each of the at least one customer indicates the longitude andlatitude location, for a boresight of an antenna beam for each of the atleast one antenna associated with each of the at least one customer, byselecting longitude and latitude numerical values from at least one GUI.11. A system for secured multi-payload antennas operators operations,the system comprising: an antenna operations center (AOC) to generateAOC commands using an antenna location pointing request for each of atleast one antenna associated with each of at least one customer; asatellite operation center (SOC) to transmit the AOC commands and SOCcommands to a vehicle via a ground antenna, wherein the SOC commands arerelated to at least one antenna associated with a host; the vehicle togenerate customer antenna gimballing commands by using the AOC commandsand to generate host antenna gimballing commands by using the SOCcommands; each of the at least one antenna associated with each of theat least one customer gimballed respectively by using the customerantenna gimballing commands; and each of the at least one antennaassociated with the host gimballed respectively by using the hostantenna gimballing commands.
 12. The system of claim 11, wherein the atleast one antenna associated with each of the at least one customercomprises at least one antenna reflector.
 13. The system of claim 11,wherein the at least one antenna associated with the host comprises atleast one antenna reflector.
 14. The system of claim 11, wherein thevehicle is one of a satellite, an aircraft, an unmanned aerial vehicle(UAV), or a space plane.
 15. The system of claim 14, wherein thesatellite is one of a geosynchronous earth orbit (GEO) satellite, amedium earth orbit (MEO) satellite, a lower earth orbit (LEO) satellite,or a highly elliptical orbit (HEO) satellite.
 16. The system of claim11, wherein the system further comprises a graphical user interface(GUI) configured to obtain the antenna location pointing request foreach of the at least one antenna associated with each of the at leastone customer.
 17. The system of claim 16, wherein the system furthercomprises at least one computer screen to display the GUI.
 18. Thesystem of claim 11, wherein the antenna location pointing requestcomprises a longitude and latitude location for a boresight of anantenna beam for each of the at least one antenna associated with eachof the at least one customer.
 19. The system of claim 18, wherein a GUIcomprises a plurality of input boxes for numerical values for thelongitude and latitude location for the boresight of the antenna beamfor each of the at least one antenna associated with each of the atleast one customer.
 20. The system of claim 18, wherein a GUI isconfigured to have numerical values for the longitude and latitudelocation, for the boresight of the antenna beam for each of the at leastone antenna associated with each of the at least one customer, inputtedinto the GUI or selected from the GUI.